Description

When people think of an open source IDS, they usually think of Snort.  Bro is another open source IDS that is more than just an IDS.  It is a Network Security Monitor that does so much more.  Matt Domko joins me this week to talk about Bropy, a tool he built that works with Bro to help perform anomaly detection.  This is definitely a tool you will want to have in your bag of tricks. Some links of interest:

• Bro Homepage: https://www.bro.org/
• Bropy: https://github.com/hashtagcyber/bropy
• Matt's Twitter: @Hashtagcyber
• Matt's Bropy Talk at Security Onion Con: https://www.youtube.com/watch?v=LzFNOuaYc0g

Want to reach out to the show?  There's a few ways to get in touch!

• Show Twitter: @PurpleSquadSec
• John's Twitter: @JohnsNotHere
• Website: purplesquadsec.com
• Slack Sign-Up Link: https://signup.purplesquadsec.com
• John's Peerlyst Profile: https://www.peerlyst.com/users/john-svazic

Thanks for listening, and I will talk with you again next time!

Find out more at http://purplesquadsec.com